HIPAA Flashcards
What is e-PHI?
Electronic Protected Health Information.
What is PHI?
Protected Health Information.
What is HIPAA?
HIPAA is the Health Insurance Portability and Accountability Act of 1996.
What are the two parts of HIPAA that we are presently concerned about?
- Protection for the privacy of Protected Health Information
- Protection for the security of electronic Health Information.
What is the difference between the Privacy Rule and the Security Rule?
The Privacy Rule sets standards for covered entities and business associates as to how they are to maintain the privacy of PHI (2003).
The Security Rule likewise requires covered entities and businesses to implement basic safeguards to protect e-PHI (2005).
When did HIPAA become law and when was it implemented?
HIPAA was enacted in 1996 and was implemented in 2003.
What kind of Law is HIPAA?
HIPAA is a federal law.
What are some of the benefits of HIPAA?
- Protects the privacy and security of PHI both physically and electronically.
- Prevents Health Care Fraud and Abuse.
- Simplifies billing and other transactions, reducing health care administrative costs.
What does the acronym PO mean?
Privacy Officer: each facility has an employee responsible for implementing and enforcing this law.
Who are considered Covered Entities?
- Providers
- Health Care Plans
- Clearing Houses for Electronic Billing
- Business Associates of Health Care Providers.
What does the acronym TPO mean?
Treatment, payment, operations…
What is the Need To Know Principle?
PHI should be shared with as few people as needed and only to the extent needed to ensure care for the current admission or office visit.
What are the 7 patient rights regarding privacy of PHI?
- Receive notice of an agency's Privacy Practices
- Know PHI will only be used for TPO (treatment, payment, operations)
- Consent and control use and disclosure of PHI
- Access to their PHI
- Request Amendment
- Receive accounting of disclosures
- File Privacy Complaints
As a student, how will you discuss PHI?
Only as it applies to your current education and your patient’s care.
What are some ways to ensure PHI is protected?
Don’t discuss in elevators or cafeterias. Don’t allow others to see your computer screen. Take all reasonable steps to ensure conversations about PHI are not overheard.
How may PHI be used or shared?
- For treatment of the patient, including payment reminders
- Payment of healthcare bills
- Business and management operations
- Disclosures required by law
- Public health and other governmental reporting
What comprises PHI?
Anything relating to present, past or future care or condition of a patient. This is in ANY form: printed, electronic or verbal. Anything that identifies or can be used to identify an individual.
When can you use PHI?
Only to do your job.
What happens to an employee who does not protect a patient’s privacy?
The employee could lose their job.
What if there is a breach of confidentiality?
You must report it to the appropriate officer (Privacy Officer) at the institution.
What is the guideline for downloading, copying or removing PHI?
The employee should not download, copy or remove PHI from the clinical area, except as necessary to do his job.
What are the guidelines for manual faxing?
Only for Medical Emergencies or other situations considered Urgent, such as sending lab results to a physician.
Information that should not be faxed except in an emergency…
- Drug dependence
- Alcohol dependence
- Mental illness or Psych info
- STD info
- HIV Status